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DETAILED ACTION 

1 . This action is responsive to communications: application, filed 8/18/2003; 
amendment filed 10/22/2009. 

2. Claims 1-5, 8-10, 12-14 are pending in the case. 

3. Claims 6, 7, and 1 1 are cancelled by the applicant. 

Response to Arguments 

4. Applicant's argument relative to the Ineffective Declaration is found non- 
persuasive. First, applicant has amended the claims to include new features and 
changed the scope of the claimed invention. Applicant does not identify any support for 
the new features in the invention identified by the declaration. Second, applicant's 
argument regarding support for features identified in the previous Office Action is also 
not persuasive. For example, applicant points to section "Problem to be Solved" as 
support for the feature of: "preventing the filtering information from being encrypted". 
However, that section merely states that when the header information is encrypted, it is 
not possible to perform filtering. This is merely stating a problem and does not teach the 
feature. Additional features stated in sections 6.1.2 to 6.1 .4. are not addressed. 
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Accordingly, applicant's argument regarding the declaration is non-persuasive, and 
reference Christensen is valid. 

5. Applicant's argument regarding prior art rejection is not persuasive. Applicant first 
argues that Christensen is not a valid reference based on their declaration. This 
argument is not persuasive according to the above discussion regarding the declaration. 

Applicant further argues: 

"Christensen discusses monitoring a Differential Services Code Point in an IP 
header or a priority level identifier in an RTP header and estimates whether a 
packet received is a VoIP packet in accordance with the H.323 Specification and 
SIP Specification. (See Christensen, column 8, lines 25-43, column 10, line 63- 
column 11, line 10). 

In other words, Christensen discusses estimating reasonable likelihood of a VoIP 
packet using a "voice information identifier" by monitoring a Differential Services 
Code Point or a priority level indicator. However, Christensen does not say it is 
not entirely determinable whether a packet contains voice data or not simply from 
the packet per se, but merely a reasonable likelihood." 



However, Christensen does not estimate reasonable likelihood of a VoIP packet using 
an identifier. In fact the word estimate is not found in the document. Christensen clearly 
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uses a VoIP identifier to determine operational parameters. The cited portion of 
Christensen at col. 10 states: 

"In one embodiment of the invention, the operating parameter may be 
determined by receiving a packet with an operating parameter identifier. If there 
is no operating parameter identifier, an operating parameter may be inferred 
using one or more rules or heuristics as discussed above. The operating 
parameter identifier may be retrieved from the packet. In one embodiment of the 
invention, the operating parameter identifier may represent a priority level. More 
particularly, the operating parameter identifier may be one of a group comprising 
a DSCP, an RTP identifier, a VOIP identifier and a voice information identifier. 
The term "voice information identifier" as used herein may refer to any explicit 
identification that a packet may carry voice and/or video information. " 

Therefore, Christensen clearly and explicitly teaches using a VoIP identifier, and there is 
no estimation or likelihood involved. 

Applicant also argues that Christensen does not contemplate a problem associated with 
an encrypted header. However, the rejection does not cite Christensen for such feature. 
That feature is addresses using teaching of Arrow. The rejection of claim 1 under 
section 103 explains how the combination makes claimed invention obvious. 
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Applicant's argument regarding all independent claims is based on the argument 
discussed above, and the new feature added to the claims, which is addressed in the 
following rejection. 

With regards to dependent claim 5, applicant argues that Arrow only teaches a lookup 
table which identifies the members of the VPN rather than a filter key table for filtering 
VoIP. However, the cited portion of Arrow clearly teaches a filter key table holding a 
predetermined plurality of different filter keys, a search unit for searching if there is a 
filter key matching with a filter key detected by the filter key detecting unit in the filter 
key table (see Arrow col. 7 lines 40-55). Filtering VoIP packets is taught by the 
combination of Arrow and Christensen as discussed in the claim rejection. As 
mentioned above, Christensen teaches a VoIP identifier in the packet headers that is 
useful for setting operational parameters. The combination of Arrow and Christensen 
makes it obvious to use the VoIP identifier in the packet filtering scheme as taught by 
Arrow. 

Accordingly, all the features of the claimed invention is made obvious by the 
combination of Arrow in view of Christensen, and applicant's argument is found non- 
persuasive. 



Claim Rejections - 35 USC § 103 
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6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 1-5, 8-10, 12-14 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Arrow et al. (US Patent No. 6'154'839, dated Nov. 28, 2000) in view 
of Christensen (US Patent No. 7'292'530, filed Dec. 29, 2000), hereinafter called Chris. 

7.1 . As per claim 1 , Arrow is directed to a packet filtering method characterized by 
storing filtering information for use in filtering at a receiving side in an encrypted packet 
to be sent to the receiving side and sending it from a sending side (col. 6 lines 46-60 
shows the encryption and authentication information is added to a packet at sending 
side, and verified at the receiving side. In addition, col. 12 lines 35-46 show that packets 
are decrypted after they are authenticated, and therefore, it shows packets were 
encrypted. Also Arrow teaches that if the packets are not authenticated they are filtered 
out), wherein an Ipv6 extended header added to an Ipv6 header or in a flow label region 
in an Ipv6 header is used to transmit the filtering information as to prevent the filtering 
information from being encrypted, when the packet is a packet in compliance with Ipv6 
(Fig. 8 and associated text shows the filtering data is placed in the address field of a 
packet. Arrow Fig 9 and associated text shows that user ID information, which is used 
for authentication (filtering) is put in the header of a packet. Address field of packets, 
such as IP packets are in the packet header. Column 6 lines 21-35 teach IP packets as 
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examples for implementation of invention. It also explicitly teaches to use the technique 
regardless of the current version of IP protocol (col. 6 lines 30-35), which was Ipv6 at 
the time of invention. Ipv6 was well known at the time of invention. Therefore, Arrow 
teaches putting filtering information in a header of a packet and also suggests using IP 
packets for implementation. Therefore, Arrow makes it obvious to put the filtering 
information in the header of an Ipv6 packet header. Also, as mentioned above, Arrow 
teaches authenticating the packet before decrypting it. Therefore, the authentication 
information (filtering info) was not encrypted); 

said filtering information is used to identifying a specific value showing a VoIP 
performing a VoIP communication (Arrow does not explicitly teach said filtering 
information is used to identifying a specific value showing a VoIP performing a VoIP 
communication. Chris is directed to a method of improving network performance by 
recognizing high priority packets from information in the packet header, and process 
high priority packets accordingly. In particular, Chris col. 8 lines 25 to 43 shows VoIP 
packets are recognized (filtered) from header information and given higher priority Also, 
Chris col. 10 line 63 to col. 1 1 line 10 shows that the operating parameter in the header 
is a VoIP identifier. Therefore, Chris teaches filtering information is used to identifying a 
specific value showing a VoIP performing a VoIP communication, and uses this 
information to prioritize the service. At the time of invention, it would have been obvious 
to the one skilled in art to enhance Arrows system which stores filtering information in 
the header of an encrypted packet by including filtering information to filter VoIP packets 
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as taught by Chris. The motivation to do so, is as stated by Chris (e.g. abstract) would 
be to enhance the quality of service of the network by prioritizing more sensitive packets 
such as VoIP packets.); 

and the specific value showing the VoIP provides a first function of the filtering 
and a second function of having a communication partner recognize the VoIP, 
simultaneously (As discussed above, and in col. 7 lines 9-30, Arrow teaches a filtering 
system that filters packets based on specific values in the packet headers. The 
combination of Arrow and Christensen makes it obvious to filter VoIP packets based on 
a specific VoIP identifier in the packet header. Christensen teaches using that specific 
VoIP parameter to set the operational parameters, and therefore recognize the VoIP 
communication. Therefore, Arrow in view of Christensen makes it obvious to use the 
VoIP identifier to do both the filtering function and having a communication partner 
recognize the VoIP, simultaneously). 

7.2. As per claim 2, Arrow in view of Chris is directed to a packet filtering method 
characterized by, receiving an encrypted packet at the receiving side, from a sending 
side, detecting filtering information stored in that packet (see response to claim 1), 
holding predetermined filtering information of the receiving side, comparing filtering 
information of the sending side detected from the packet with the filtering information of 
the receiving side, and, when the two do not match, discarding that packet (for example, 
col. 8, lines 4-23, or col. 6, lines 45-60), wherein an Ipv6 extended header added to an 
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Ipv6 header or in a flow label region in an Ipv6 header, is used to transmit the filtering 
information so as to prevent encrypting the filtering information when the packet is a 
packet in compliance with Ipv6, wherein said filtering information is used to identify a 
specific value showing a VoIP performing VoIP communication (see response to claim 
1)- 

7.3. As per claim 4, limitations of claim 4 are substantially the same as claim 1 , and 
note that the comparing function unit is equivalent to the authenticating unit of Arrow as 
shown in col. 12 line 21-34. 

7.4. As per claim 5, Arrow in view of Chris is directed to a communication equipment 
as set forth in claim 4, characterized in that: the equipment is provided with a buffer for 
temporarily storing a received packet passing through the filter key detecting unit and in 
that the comparing function unit is comprised of: a filter key table holding a 
predetermined plurality of different filter keys (col. 7, lines 40-55), a search unit for 
searching if there is a filter key matching with a filter key detected by the filter key 
detecting unit in the filter key table and when there is none, outputting a discard 
command, and a buffer control unit for receiving the discard command and controlling 
the system so as to discard the packet stored in the buffer (see response to claim 3). 

7.5. Limitations of claims 3, 7-10 and 14 are substantially the same as limitations of 
claims 1, 2, 4 and 5 above. Note that per col. 12 lines 20-35, the user is authenticated in 
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advance and have received proper authentication information to include in the packet 
user ID field. This authentication information is used by the firewall to authenticate 
user's packet. Note also that the functionality and hardware required to hold the filter 
keys and storing them is inherent to Arrow's system. Also note that Arrow col. 7 lines 
40-55 teach that the equipment is provided with a buffer for temporarily storing a 
received packet passing through the filter key detecting unit and in that the comparing 
function unit is comprised of a filter key table holding a predetermined plurality of 
different filter keys. 

7.6 As per claim 12, Arrow in view of Chris is directed to a communication equipment 
as set forth in claim 4, wherein an authentication apparatus is further included, the 
authentication apparatus having: a filtering authentication function unit for receiving user 
authentication information input from a user receiving a filtering service and 
authenticating the user (Arrow col. 7 lines 30-40); and a filter key providing function unit 
for assigning and distributing said filter key to be stored in a packet corresponding to the 
user authentication information to the user after the authentication at the filtering 
authentication function unit (Arrow's claim 4 and also see Fig. 9 and associated text). 

7.7. As per claim 1 3, Arrow in view of Chris is directed to a communication 
equipment as set forth in claim 12, wherein said filtering authentication function unit has: 
a user authentication database in which user authentication information is 
registered in advance, and a decision unit for determining the veracity of the input user 
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authentication information by referring to the user authentication database; and said 
filter key providing function unit has: a filter key assigning table holding said filter key 
assigned in advance corresponding to user authentication information, and a filter key 
sending unit for sending a corresponding filter key from the filter key assigning table to 
the user when the veracity is confirmed (Arrow col. 12 line 2 to 63 shows an 
embodiment where the authentication data is readily stored in the Address Translation 
Unit, where the data is used to authenticate the user (Also see Arrow claim 4). Arrow 
Fig 4 and 5 show use of a database to store information processed by the system, and 
a command module for executing commands received. A database stored information in 
tables, and once queried for a data item searches the tables for a match and provides 
the queried information. Note that to perform authentication, the authentication 
information must be stored and made available to the authenticating system). 



Conclusion 



8. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is (571 ) 
272-3739. The examiner can be normally reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on (571) 272-7874. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 



/Farid Homayounmehr/ 
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